work

thomaswoehlke · thomaswoehlke · commit 6ec417e12888 · 2022-11-21T13:44:49.000+01:00
diff --git a/src/main/java/org/woehlke/greenshop/conf/GreenshopProperties.java b/src/main/java/org/woehlke/greenshop/conf/GreenshopProperties.java
@@ -0,0 +1,134 @@
+package org.woehlke.greenshop.conf;
+
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+import org.springframework.validation.annotation.Validated;
+
+import javax.validation.Valid;
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
+import java.io.Serializable;
+
+
+@Slf4j
+@Getter
+@Setter
+@ToString
+@EqualsAndHashCode
+@Validated
+@Component
+@ConfigurationProperties(prefix="org.woehlke.greenshop")
+public class GreenshopProperties implements Serializable {
+
+    private static final long serialVersionUID = 4480323170764476017L;
+
+    @NotNull
+    private Boolean devTesting;
+
+    @NotNull
+    private Integer testDataHowManyTestData;
+
+    @Valid
+    @NotNull
+    public UserConfig userConfig;
+
+    @Valid
+    @NotNull
+    public WebConfig webConfig;
+
+    @Valid
+    @NotNull
+    public WebSecurity webSecurity;
+
+    @ToString
+    @Getter
+    @Setter
+    @Validated
+    public static class UserConfig {
+
+        @Email
+        @NotBlank
+        private String userEmail;
+
+        @NotBlank
+        private String userPassword;
+
+        @NotBlank
+        private String userFullname;
+    }
+
+    @ToString
+    @Getter
+    @Setter
+    @Validated
+    public static class WebConfig {
+
+        @NotBlank
+        private String exportFilename;
+
+        @NotBlank
+        private String exportFilenameSeparator;
+
+        @NotNull
+        private String[] webAddResourceHandlers;
+
+        @NotNull
+        private String[] webAddResourceHandlersStatic;
+    }
+
+
+    @ToString
+    @Getter
+    @Setter
+    @Validated
+    public static class WebSecurity {
+
+        @NotNull
+        private Boolean invalidateHttpSession;
+
+        @NotBlank
+        private String loginProcessingUrl;
+
+        @NotBlank
+        private String failureForwardUrl;
+
+        @NotBlank
+        private String defaultSuccessUrl;
+
+        @NotBlank
+        private String logoutUrl;
+
+        @NotBlank
+        private String loginPage;
+
+        @NotBlank
+        private String deleteCookies;
+
+        @NotBlank
+        private String antMatchersFullyAuthenticated;
+
+        @NotNull
+        private String[] antMatchersPermitAll;
+
+        @NotBlank
+        private String usernameParameter;
+
+        @NotBlank
+        private String passwordParameter;
+
+        @NotBlank
+        private String secret;
+
+        @NotNull
+        private Integer iterations;
+
+        @NotNull
+        private Integer hashWidth;
+    }
+}
diff --git a/src/main/java/org/woehlke/greenshop/conf/GreenshopWebMvcConfig.java b/src/main/java/org/woehlke/greenshop/conf/GreenshopWebMvcConfig.java
@@ -0,0 +1,77 @@
+package org.woehlke.greenshop.conf;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
+import org.springframework.data.web.config.EnableSpringDataWebSupport;
+import org.springframework.scheduling.annotation.EnableAsync;
+import org.springframework.validation.beanvalidation.MethodValidationPostProcessor;
+import org.springframework.web.servlet.LocaleResolver;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import org.springframework.web.servlet.i18n.LocaleChangeInterceptor;
+import org.springframework.web.servlet.i18n.SessionLocaleResolver;
+
+import java.util.Locale;
+
+@Configuration
+@EnableAsync
+@EnableJpaRepositories({
+        "org.woehlke.greenshop"
+})
+@EnableConfigurationProperties({
+        GreenshopProperties.class
+})
+@EnableWebMvc
+@EnableSpringDataWebSupport
+@EnableAutoConfiguration
+public class GreenshopWebMvcConfig implements WebMvcConfigurer {
+
+    private final GreenshopProperties greenshopProperties;
+
+    @Autowired
+    public GreenshopWebMvcConfig(GreenshopProperties greenshopProperties) {
+        this.greenshopProperties = greenshopProperties;
+    }
+
+    @Bean
+    public LocaleResolver localeResolver() {
+        SessionLocaleResolver slr = new SessionLocaleResolver();
+        slr.setDefaultLocale(Locale.GERMAN);
+        return slr;
+    }
+
+    @Bean
+    public LocaleChangeInterceptor localeChangeInterceptor() {
+        LocaleChangeInterceptor lci = new LocaleChangeInterceptor();
+        lci.setParamName("lang");
+        return lci;
+    }
+
+    @Bean
+    public MethodValidationPostProcessor methodValidationPostProcessor() {
+        return new MethodValidationPostProcessor();
+    }
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        registry.addInterceptor(localeChangeInterceptor());
+    }
+
+    @Override
+    public void addResourceHandlers(ResourceHandlerRegistry registry) {
+        for(String key: greenshopProperties.getWebConfig().getWebAddResourceHandlers()){
+            registry.addResourceHandler("/"+key+"*").addResourceLocations("/"+key);
+            registry.addResourceHandler("/"+key+"**").addResourceLocations("/"+key);
+        }
+        for(String key: greenshopProperties.getWebConfig().getWebAddResourceHandlersStatic()){
+            registry.addResourceHandler("/"+key+"*").addResourceLocations("classpath:/static/"+key);
+            registry.addResourceHandler("/"+key+"**").addResourceLocations("classpath:/static/"+key);
+        }
+    }
+}
diff --git a/src/main/java/org/woehlke/greenshop/conf/GreenshopWebSecurityConfig.java b/src/main/java/org/woehlke/greenshop/conf/GreenshopWebSecurityConfig.java
@@ -0,0 +1,119 @@
+package org.woehlke.greenshop.conf;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
+import org.springframework.data.web.config.EnableSpringDataWebSupport;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.woehlke.greenshop.oodm.admin.service.AdministratorService;
+
+
+@SuppressWarnings("deprecation")
+@Configuration
+@EnableWebSecurity
+@EnableSpringDataWebSupport
+@Import({
+        GreenshopWebMvcConfig.class
+})
+@EnableWebMvc
+@EnableAutoConfiguration
+public class GreenshopWebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Autowired
+    public GreenshopWebSecurityConfig(
+            AuthenticationManagerBuilder auth,
+            AdministratorService administratorService,
+            GreenshopProperties greenshopProperties
+    ) {
+        this.authenticationManagerBuilder = auth;
+        this.administratorService = administratorService;
+        this.greenshopProperties = greenshopProperties;
+    }
+
+    private final AuthenticationManagerBuilder authenticationManagerBuilder;
+    private final UserDetailsService administratorService;
+    private final GreenshopProperties greenshopProperties;
+
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+                .headers()
+                .disable()
+                .authorizeRequests()
+                .antMatchers(
+                        this.greenshopProperties.getWebSecurity().getAntMatchersPermitAll()
+                )
+                .permitAll()
+                .antMatchers(
+                        this.greenshopProperties.getWebSecurity().getAntMatchersFullyAuthenticated()
+                )
+                .fullyAuthenticated().anyRequest().authenticated()
+                .and()
+                .formLogin()
+                .loginPage(
+                        this.greenshopProperties.getWebSecurity().getLoginPage()
+                )
+                .usernameParameter(this.greenshopProperties.getWebSecurity().getUsernameParameter())
+                .passwordParameter(this.greenshopProperties.getWebSecurity().getPasswordParameter())
+                .defaultSuccessUrl(this.greenshopProperties.getWebSecurity().getDefaultSuccessUrl())
+                .failureForwardUrl(this.greenshopProperties.getWebSecurity().getFailureForwardUrl())
+                .loginProcessingUrl(this.greenshopProperties.getWebSecurity().getLoginProcessingUrl())
+                //.successHandler(this.authenticationSuccessHandler)
+                .permitAll()
+                .and()
+                .logout()
+                .logoutUrl(this.greenshopProperties.getWebSecurity().getLogoutUrl())
+                .deleteCookies(this.greenshopProperties.getWebSecurity().getDeleteCookies())
+                .invalidateHttpSession(this.greenshopProperties.getWebSecurity().getInvalidateHttpSession())
+                .permitAll();
+    }
+
+    /**
+     * @see <a href="https://asecuritysite.com/encryption/PBKDF2">Encrypt with PBKDF2</a>
+     * @return PasswordEncoder encoder
+     */
+    @Bean
+    public PasswordEncoder encoder(){
+        CharSequence secret=this.greenshopProperties.getWebSecurity().getSecret();
+        int iterations=this.greenshopProperties.getWebSecurity().getIterations();
+        int hashWidth=this.greenshopProperties.getWebSecurity().getHashWidth();
+        Pbkdf2PasswordEncoder encoder = (new Pbkdf2PasswordEncoder(secret,iterations,hashWidth));
+        encoder.setEncodeHashAsBase64(true);
+        return encoder;
+    }
+
+    @Bean
+    public DaoAuthenticationProvider authProvider() {
+        DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
+        authProvider.setUserDetailsService(  this.administratorService);
+        authProvider.setPasswordEncoder(encoder());
+        return authProvider;
+    }
+
+    @Bean
+    public AuthenticationManager authenticationManager() throws Exception {
+        return this.authenticationManagerBuilder.userDetailsService(administratorService).passwordEncoder(encoder()).and().build();
+    }
+
+    @Bean
+    public UsernamePasswordAuthenticationFilter authenticationFilter() throws Exception {
+        UsernamePasswordAuthenticationFilter filter = new UsernamePasswordAuthenticationFilter();
+        filter.setAuthenticationManager(authenticationManager());
+        filter.setFilterProcessesUrl(this.greenshopProperties.getWebSecurity().getLoginProcessingUrl());
+        return filter;
+    }
+
+}
diff --git a/src/main/resources/root-context.xml b/src/main/resources/root-context.xml
@@ -5,7 +5,6 @@
 	xmlns:context="http://www.springframework.org/schema/context"
 	xmlns:jpa="http://www.springframework.org/schema/data/jpa"
 	xmlns:int="http://www.springframework.org/schema/integration"
-	xmlns:int-mongodb="http://www.springframework.org/schema/integration/mongodb"
 	xsi:schemaLocation="http://www.springframework.org/schema/beans 
 	http://www.springframework.org/schema/beans/spring-beans.xsd
 	http://www.springframework.org/schema/tx 
@@ -14,26 +13,9 @@
 	http://www.springframework.org/schema/context/spring-context.xsd
 	http://www.springframework.org/schema/data/jpa
     http://www.springframework.org/schema/data/jpa/spring-jpa.xsd
-	http://www.springframework.org/schema/integration/mongodb
-	http://www.springframework.org/schema/integration/mongodb/spring-integration-mongodb.xsd
 	http://www.springframework.org/schema/integration
 	http://www.springframework.org/schema/integration/spring-integration.xsd">
 
-	<!--
-	<bean id="mongoDbFactory"
-		class="org.springframework.data.mongodb.core.SimpleMongoDbFactory">
-		<constructor-arg>
-			<bean class="com.mongodb.Mongo" />
-		</constructor-arg>
-		<constructor-arg value="test" />
-	</bean>
-
-	<bean id="mongoDbMessageStore"
-		class="org.springframework.integration.mongodb.store.MongoDbMessageStore">
-		<constructor-arg ref="mongoDbFactory" />
-	</bean>
-	-->
-	
 	<jpa:repositories base-package="org.woehlke.greenshop" />
 
 	<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
@@ -84,7 +66,8 @@
 	<!--  
 	<int:service-activator input-channel="emailChannel"
 		output-channel="nullChannel" id="sendMail"
-		ref="registrationService" method="sendMail" />-->
+		ref="registrationService" method="sendMail" />
+	-->
 		
 	<!-- Mail service -->
 	<bean id="mailSender" class="org.springframework.mail.javamail.JavaMailSenderImpl">
